SSCP CramCram Exam Solved
Caesar Cipher type - Answer- Substitution cipher shifting letters by 3
Cryptovariable - Answer- The key that controls the cryptographic algorithm
WPA2 encryption method - Answer- AES in CBC + CTR mode (CCMP)
WPA3 encryption method - Answer- SAE (Simultaneous Authentication of Equals) with
AES-GCMP
WEP weakness - Answer- Static keys and weak IV (24-bit)
Asymmetric scalability solution - Answer- Hierarchies of trust (PKI certificate chains)
Web of trust - Answer- Decentralized trust model (PGP) - users vouch for each other
CA primary function - Answer- Validates that a public key belongs to a specific user
RA (Registration Authority) function - Answer- Verifies identity before CA issues
certificate
CRL purpose - Answer- List of revoked certificates
OCSP purpose - Answer- Real-time certificate validity checking
HSM purpose - Answer- Manages and protects digital certificates and keys
TPM purpose - Answer- Hardware chip for secure key storage on endpoints
DES security property - Answer- Confidentiality only (not integrity)
DES key size - Answer- 56-bit effective (64-bit with parity)
3DES key sizes - Answer- 112-bit (2-key) or 168-bit (3-key)
AES key sizes - Answer- 128, 192, or 256 bits
AES block size - Answer- 128 bits
Blowfish key range - Answer- 32 to 448 bits
Twofish block size - Answer- 128 bits
Integrity mechanisms (3) - Answer- MAC, MD5, SHA hashing, parity
, MD5 hash output - Answer- 128 bits
SHA-1 hash output - Answer- 160 bits
SHA-256 hash output - Answer- 256 bits
HMAC definition - Answer- Hash-based Message Authentication Code - hash + secret
key
Digital signature provides - Answer- Authentication, integrity, non-repudiation
Symmetric vs asymmetric speed - Answer- Symmetric is faster, asymmetric is slower
Symmetric key problem - Answer- Key distribution - both parties need same key
Asymmetric key pair usage - Answer- Public encrypts, private decrypts (or vice versa for
signing)
Diffie-Hellman purpose - Answer- Secure key exchange over insecure channel
Diffie-Hellman vulnerability - Answer- Man-in-the-middle attack
RSA key sizes - Answer- 2048-bit minimum, 4096-bit recommended
RSA based on - Answer- Factoring large prime numbers
ECC advantage - Answer- Smaller keys, same security as RSA
Block cipher - Answer- Encrypts fixed-size blocks (e.g., 64 or 128 bits)
Stream cipher - Answer- Encrypts one bit or byte at a time
Stream cipher example - Answer- RC4
Substitution cipher - Answer- Replaces characters with other characters
Transposition cipher - Answer- Rearranges character positions
ECB mode weakness - Answer- Identical plaintext blocks produce identical ciphertext
CBC mode - Answer- Each block XORed with previous ciphertext block
CTR mode advantage - Answer- Parallelizable encryption/decryption
Caesar Cipher type - Answer- Substitution cipher shifting letters by 3
Cryptovariable - Answer- The key that controls the cryptographic algorithm
WPA2 encryption method - Answer- AES in CBC + CTR mode (CCMP)
WPA3 encryption method - Answer- SAE (Simultaneous Authentication of Equals) with
AES-GCMP
WEP weakness - Answer- Static keys and weak IV (24-bit)
Asymmetric scalability solution - Answer- Hierarchies of trust (PKI certificate chains)
Web of trust - Answer- Decentralized trust model (PGP) - users vouch for each other
CA primary function - Answer- Validates that a public key belongs to a specific user
RA (Registration Authority) function - Answer- Verifies identity before CA issues
certificate
CRL purpose - Answer- List of revoked certificates
OCSP purpose - Answer- Real-time certificate validity checking
HSM purpose - Answer- Manages and protects digital certificates and keys
TPM purpose - Answer- Hardware chip for secure key storage on endpoints
DES security property - Answer- Confidentiality only (not integrity)
DES key size - Answer- 56-bit effective (64-bit with parity)
3DES key sizes - Answer- 112-bit (2-key) or 168-bit (3-key)
AES key sizes - Answer- 128, 192, or 256 bits
AES block size - Answer- 128 bits
Blowfish key range - Answer- 32 to 448 bits
Twofish block size - Answer- 128 bits
Integrity mechanisms (3) - Answer- MAC, MD5, SHA hashing, parity
, MD5 hash output - Answer- 128 bits
SHA-1 hash output - Answer- 160 bits
SHA-256 hash output - Answer- 256 bits
HMAC definition - Answer- Hash-based Message Authentication Code - hash + secret
key
Digital signature provides - Answer- Authentication, integrity, non-repudiation
Symmetric vs asymmetric speed - Answer- Symmetric is faster, asymmetric is slower
Symmetric key problem - Answer- Key distribution - both parties need same key
Asymmetric key pair usage - Answer- Public encrypts, private decrypts (or vice versa for
signing)
Diffie-Hellman purpose - Answer- Secure key exchange over insecure channel
Diffie-Hellman vulnerability - Answer- Man-in-the-middle attack
RSA key sizes - Answer- 2048-bit minimum, 4096-bit recommended
RSA based on - Answer- Factoring large prime numbers
ECC advantage - Answer- Smaller keys, same security as RSA
Block cipher - Answer- Encrypts fixed-size blocks (e.g., 64 or 128 bits)
Stream cipher - Answer- Encrypts one bit or byte at a time
Stream cipher example - Answer- RC4
Substitution cipher - Answer- Replaces characters with other characters
Transposition cipher - Answer- Rearranges character positions
ECB mode weakness - Answer- Identical plaintext blocks produce identical ciphertext
CBC mode - Answer- Each block XORed with previous ciphertext block
CTR mode advantage - Answer- Parallelizable encryption/decryption
